Firewalls and the Virtual Network: Trouble Controlling the Blaze?

The late 1980s saw the rise of Internet firewall technology as a way to separate "trusted" internal networks from the wilds of potentially hazardous online sites. But while firewalls offered substantive protection for personal desktops and local offices using a single server stack, the rise of virtual and cloud environments gave hackers a new way in. The use of the wall came under fire. Was it outdated? Past its prime? Some companies don't agree, and are developing new ways to secure systems and deter would-be intruders.

Getting Specific

Security firm Palo Alto Networks, for example, is wading into very specific firewall territory with its newest offering, one designed to work specifically with VMware products and virtual machines (VMs). According to an article at Computerworld, the company's VM-series of products aims to fill the gap left by physical firewalls: VM-to-VM traffic flows within a single host. The VM-100, 200, and 300 versions of Palo Alto's software allow IT admins to specify exactly which workloads can talk to each other, but require careful measurement when it comes to determining proper utilization.

Ideally, the application-level VM-series will act as part of a whole, in concert with established physical firewalls to provide near-total coverage, but the company also has plans to launch a cloud-based malware detection component. This subscription service will notify users of potential problems. Although it can't remediate them, it points to the other direction security companies must take: general-purpose firewall products.

Getting General

Aside from stealing company data and corporate secrets from big business, hackers can do serious damage if they decide to go after infrastructure. It's the potential problems with power grids that interest Michigan Technological University's Chee-Wooi Ten; he's developing a way to protect electric substations from unwanted intrusion based on a product from Israel-based Waterfall Security Solutions. A recent Michigan Tech article discusses the Unidirectional Security Gateway, which is effectively a semi-permeable firewall: information can only flow in one direction. Unlike traditional firewalls that rely on rules, conditions, and lists of blacklisted apps to make their decisions, the Gateway does away with it all, letting information flow away but not back to the source.

Already, Waterfall employs this technology in Europe, Asia, and Israel. Ten hopes modifications to the project--he has a $24,000 budget and $210,000 worth of equipment to work with--will improve the energy industry at large by increasing efficiency, reliability, and security. If nothing else, it's certainly thinking outside the box.

And for midsize IT admins, that's the key for new firewall technology. Specific offerings like Palo Alto's VM-series provide ways to shore up the defenses of virtual machines, while more generally applicable solutions like the Unidirectional project and Ten's improvements give hope for broad-scope impact across multiple sectors. While many solutions won't be marketed directly to a midsize business crowd, owing to the needs of government agencies and potential windfall from enterprise, that doesn't mean they aren't effective tools. Admins may need, instead, to look beyond the physical firewall they already have to the virtual firewall they need.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.
